Malicious code in massive (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector 02d8dea3e47a2bd45fc796f33fc582956aec2be887add9672fd5eccc91c2135d Package self-describes as the 'Official Massive formerly Polygon.io REST and Websocket client,' a false rebrand claim — Polygon.io has not changed...

MAL-2026-4794 Malicious code in indextts-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc206ef48bfccaec8e81aac2b666e2d54a4a027e8432cc1d08d3823cf333caca setup.py executes git clone --depth 1 --branch dev-3.12 https://github.com/gabry-lab/index-tts during the buildpy / egginfo / sdist / bdistwheel...

Malicious code in indextts-cli (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: amazon-inspector fc206ef48bfccaec8e81aac2b666e2d54a4a027e8432cc1d08d3823cf333caca setup.py executes git clone --depth 1 --branch dev-3.12 https://github.com/gabry-lab/index-tts during the buildpy / egginfo / sdist / bdistwheel...

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

Important: Red Hat Security Advisory: python-markdown security update

An update for python-markdown is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

Important: Red Hat Security Advisory: python-markdown security update

An update for python-markdown is now available for Red Hat Enterprise Linux 9.4 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating...

SUSE-SU-2026:2067-1 Security update for python-urllib3_1

This update for python-urllib31 fixes the following issue - CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267...

Security update for python-urllib3_1

This update for python-urllib31 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation metho...

Security update for python-urllib3

This update for python-urllib3 fixes the following issue CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267. Patch Instructions: To install this SUSE update use the SUSE recommended installation method...

SUSE-SU-2026:2065-1 Security update for python-urllib3

This update for python-urllib3 fixes the following issue - CVE-2026-44431: sensitive information disclosure due to sensitive headers being forwarded across origins in proxied low-level redirects bsc1265267...

python-markdown: denial of service via malformed HTML-like sequences

A flaw was found in Python-Markdown. Parsing crafted markdown content containing malformed HTML-like sequences causes html.parser.HTMLParser to raise an unhandled AssertionError. This unhandled exception allows an attacker to cause an application crash and potentially disclose sensitive informati...

Important: Red Hat Security Advisory: python-markdown security update

An update for python-markdown is now available for Red Hat Enterprise Linux 10.0 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Important. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is...

Moderate: Red Hat Security Advisory: python-tornado security update

An update for python-tornado is now available for Red Hat Enterprise Linux 9.6 Extended Update Support. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, is availab...

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

Malicious code in mistral-search-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4f3c615d5d39af7634550be88e5630a25b7a3dbd5bd2a8717cb01f07f06a5cd2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

MAL-2026-4358 Malicious code in mistral-search-toolkit (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 4f3c615d5d39af7634550be88e5630a25b7a3dbd5bd2a8717cb01f07f06a5cd2 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...

tornado-python: Tornado: Denial of Service via large multipart bodies

A flaw was found in tornado-python. A remote attacker can exploit this vulnerability by sending a specially crafted, very large multipart body with numerous parts. Because the parsing of these large bodies occurs synchronously on the main thread, it can consume excessive resources, leading to a...

Moderate: Red Hat Security Advisory: python-tornado security update

An update for python-tornado is now available for Red Hat Enterprise Linux 9.2 Update Services for SAP Solutions. Red Hat Product Security has rated this update as having a security impact of Moderate. A Common Vulnerability Scoring System CVSS base score, which gives a detailed severity rating, ...

Malicious code in mistral-workflows-plugins-webhook (PyPI)

--- -= Per source details. Do not edit below this line.=- Source: kam193 e87825efe9006ca3d435869b276f0d8526a1255ec71ac6e7aa0ea1bb068b6673 Installing the package or importing the module exfiltrates basic information about the host, and the package has no other purpose. --- Category: PROBABLYPENTES...